﻿<?php
	session_start();
	error_reporting (E_ALL ^ E_NOTICE);
	include("./config/conn_database.php");
	$strSQL = "SELECT * 
			   FROM add_member
			   WHERE mem_uname = '".$_POST['uname']."'
			   AND mem_pname = MD5('".$_POST['pname']."')";
	$objQuery = mysql_query($strSQL);
	$objResult = mysql_fetch_array($objQuery);
	if($objResult){
		$_SESSION["mem_pid"] = $objResult['mem_pid'];
		$_SESSION["mem_fname"] = $objResult['mem_fname'];
		$_SESSION["pri_id"] = $objResult['pri_id'];		
		echo "<script type='text/javascript'>";
		echo "alert('ยินดีตอนรับเข้าสู่ระบบ')";
		echo "</script>";
		echo "<meta http-equiv='refresh' content='0; url=admin_menu.php'>";
	}else{
		echo "<script type='text/javascript'>";
		echo "alert('ชื่อผู้ใช้หรือรหัสผ่านผิดพลาด')";
		echo "</script>";
		echo "<meta http-equiv='refresh' content='0; url=index.php'>";
	}
	mysql_close($objConnect);
?>